Monday 1 January 2018

Traditional Antivirus fails to protect 40 percent of users!

Conventional antivirus solutions are failing to protect users from attacks according to a  Malwarebytes report.

The study is based on real-world clean up scans performed by Malwarebytes. Nearly 40 percent (39.18percent) of all malware attacks cleaned on endpoints with an AV installed occurred on endpoints that had two or more traditional AV solutions registered.

In addition 39.16 percent of attacks on endpoints with a non-OS bundled AV installed occurred on an endpoint running one of the four leading traditional AV solutions.

"The results of these scans clearly indicate the ineffectiveness of today's traditional AV solutions and, more importantly, the unknown risks to users that depend only on these AV platforms to stay safe," says Marcin Kleczynski, CEO of Malwarebytes. "Antiquated AV technology is no longer enough to protect from sophisticated cyberthreats. It's crucial that consumers and businesses understand this now before they become a victim of the next attack."

The findings also show the top ransomware types detected on compromised machines are Hidden Tear (41.65 percent) and Cerber (18.26 percent). Botnets most often detected include IRCBot (61.56 percent) and Kelihos (26.95 percent). The most prevalent Trojan types bypassing traditional AV detections are Fileless (17.76 percent) and DNSChangermalware (17.51 percent).

Of ransomware attacks 48.59 percent of Hidden Tear and 26.78 percent of Cerber events were found on a compromised endpoint that had at least one of the four leading traditional AV brands installed.

To show how widespread the problem is, Malwarebytes has produced a real-time heatmap that shows each time Malwarebytes remediates instances of malware on endpoints that have a traditional AV registered. It also shows the numbers of attacks missed by leading antivirus programs.

Source: betanews.com

Delete confidential data for good
Click Here and get award winning roses and chocolate for your special someone!

Sunday 29 January 2017

"Can You Hear Me?"








Police Warn: New "Can You Hear Me?" Phone Scam Could Cost You A Lot

Now this is scary!


Police are warning cellphone users of a terrifying new scam, multiple news agencies report. The scam is brilliantly simple: all it consists of is a scammer calling from an unfamiliar number (but often one with a familiar area code) and asking, "Can you hear me?" It seems like a simple question, and most people would just answer, "Yes." In this case, however, the hacker records you saying "Yes" and then uses the response to authorize credit card or bill charges.



GETTY

Friday 4 November 2016

DDoS attacks so powerful entire countries can be cut from the internet

Liberia has become the latest victim of the Mirai botnet



There has been another worrying development when it comes to massive-scale DDoS attacks, with the latest victim being an entire country – Liberia over in Africa, to be precise.
And as you won’t be surprised to hear if you’ve been following these stories, this is another assault which leverages the Mirai botnet to fire tons of traffic at the victim – that’s been the source of all these big attacks since the first massive volley against security researcher Brian Krebs (which reached some 620Gbps).
As ZDNet spotted, apparently the Mirai botnet employed in the attacks against Liberia is known as Botnet #14, and security expert Kevin Beaumont observesthis is the largest such botnet – consistently capable of producing over 500Gbps – which appears to also be the source of the recent massive attack on Dyn.
The hit on Dyn, which is a DNS provider, caused a massive web outage a fortnight ago, knocking out all manner of sites including Twitter, Netflix and Spotify.
Liberia has apparently suffered at the hands of a number of DDoS attacks which are short by nature, but worrying because they’re pretty much taking the entire country offline.

Glaring weakness 

As Beaumont observes, that’s because Liberia relies on a single pipe for its internet access, and so has a single point of failure (and it’s not the only country like this). Websites hosted in Liberia were downed, and a journalist Beaumont spoke to said that internet connectivity was going offline at times matching the DDoS blasts.
Beaumont noted: “The attacks are extremely worrying because they suggest a Mirai operator who has enough capacity to seriously impact systems in a nation state.”
The truth is that few people are on the internet in Liberia anyway – only around one in 20 of the population – but ZDNet also managed to get some confirmation from a person returning to the country, who said they experienced ‘minor interruptions’ to their internet usage on Wednesday evening.
But given the low-profile target country and the very short nature of the attacks, it seems that this is just the botnet’s owner(s) testing out firepower against a nation. It’s what might come next that’s worrying, of course, when the DDoS cannons are aimed and let loose with a sustained barrage.
As we saw with the Dyn affair, the sort of damage these large-scale attacks can now muster is quite frightening. And worse still, there’s the prospect of Mirai being cranked up in terms of its potential power as more easily compromised IoT devices (security cameras, DVRs, routers and so on) are hacked and join the massing botnet ranks.
The other major concern is the use of possible DDoS amplification techniques, such as the one we reported on last month, which could potentially be used to inflict assaults of 35Tbps or even more by seriously powering up these botnet-based attacks.
Source: http://www.techradar.com/

Saturday 25 January 2014

Cyber Threats Hit Record Levels

Cyber threats and vulnerabilities have reached their highest level for more than a decade, networking equipment specialist Cisco's latest security study reveals. 

According to the Cisco 2014 Annual Security Report, which became available this week, cumulative annual alert totals rose by 14% on the year in October 2013. The IT major says that the malicious activity witnessed is at its highest level since the firm began tracking it back in 2000 as the targets of such attacks are failing to address the challenges of the quickly evolving threat landscape.

According to the report, there is a dire need for security professionals worldwide. This, coupled with the lack of adequate systems at most enterprises, leaves organisations without the necessary resources to address cyber attacks. Cisco has estimated that the global shortage of security experts will exceed one million this year.

A startling finding of the study is that all 30 of a sample of the biggest multinational company networks generated visitor traffic to websites with malware, with 96% reviewing communicated traffic to hijacked servers and 92% transmitting traffic to empty web pages, which is also usually associated with exposure to malicious activity, Cisco noted.

And it seems that malicious attacks are widening their scope among verticals. In the past two years, sectors that had remained relatively unscathed by malicious breaches, such as agriculture and mining, witnessed a substantial rise in malware encounters, the IT company said.

The research found that Multipurpose Trojans prevailed in web-delivered malware last year, accounting for 27% of all encounters, and, among programming languages, Java is still the primary target of online criminals.

In addition, Android turned out to be by far the most targeted mobile platform, accounting for 99% of all mobile malware.

Source: www.misco.co.uk